ORGANIZATION OF PROTECTION OF KNOWLEDGE CONTROL RESULTS IN DISTANCE LEARNING SYSTEMS
DOI:
https://doi.org/10.28925/2663-4023.2020.10.144157Keywords:
Distance learning systems, registration and authentication threats, knowledge control threats, monitoring, threat protectionAbstract
This paper is devoted to the consideration of information security problems in distance learning systems (DLS), which are becoming widespread in the modern world of educational services, as one of the most effective and promising training systems. The basic information about DLS that exist in the Ukrainian and foreign educational markets is given. The general principle of application of such training, the main functional components and objects of interaction within the framework of DLS are considered. The basic problems of information protection in modern distance learning systems and threats from the point of view of information security for such systems are analyzed in detail, the main goals that an attacker may pursue while carrying out attacks on DLS and vulnerabilities due to which he carries out these attacks are listed. Threats and destabilizing effects of accidental nature are also mentioned. The most common DLS's are compared according to such key parameters as threats of corrupt registration and authentication, threats of reliability of knowledge control results and threats of malicious software implementation. The main focus is on the approaches to the protection of DLS from threats of user substitution (both during the authorization and for an authorized user), threats of the usage of software bots and scripts (by applying the method of protection against the use of scripts based on hidden elements and the method of protection based on behavioral analysis), and also threats to the usage of lectures, electronic reference books and other third-party teaching materials. The mechanism of protection against threats to the reliability of knowledge control results is proposed, which describes actions of the DLS user and the server at the following stages: registration, login, user in the process of filling in the questionnaire, user completed the questionnaire, user starts the test / task and completed testing. This algorithm can be used in any distance learning system to protect from threats to the authenticity of knowledge, and its novelty consists in the usage of methods of user authentication and limiting the functionality available to those users.
Downloads
References
Bogomolov V.A. (2007). Obzor besplatnyh sistem upravlenija obucheniem [The review of free-of-charge control systems of training]. Technology & Society, 10(3), pp. 439-459.
Yong Chen, Wu He. (2013) Security Risks and Protection in Online Learning: A Survey. The International Review of Research in Open and Distance Learning, 14(5), pp. 108-127.
Kassid Asmaa, El kamoun Najib. (2016). E-Learning Systems Risks and their Security. The International Journal of Computer Science and Information Security (IJCSIS), 14(7), pp. 194-200.
Nguyen Huu Phuoc Dai, András Kerti, Zoltán Rajnai. (2020). E-Learning Security Risks and Countermeasures, Emerging Research and Solutions in ICT 1(1), pp. 17-25.
Budіk O.O., Chekurіn V.F. (2012). Specifіchnі zagrozi іnformacіjnіj bezpecі sistem elektronnogo navchannja [Specific threats to information security of e-learning systems] Bulletin of the National University "Lviv Polytechnic". Automation, measurement and control. No.741, pp. 71-76.
Chekurіn V.F., Budіk O.O. (2011). Vzaєmodіja ob’єktіv і analіz zagroz іnformacіjnіj bezpecі sistem elektronnogo navchannja [Interaction of objects and analysis of threats to information security of e-learning systems]. Bulletin of the East Ukrainian National University. Lugansk, Vidavnictvo SNU іm. V.Dalja [V. Dahl SNO Publishing House]. 7(161), part1, pp. С.112-119.
Order of the Ministry of Education and Science of Ukraine from 04/25/2020, no. 466. "On approval of the Regulations on distance learning "(As amended in accordance with the Orders of the Ministry of Education and Science number 660 from 01/06/2013, number 761 from 14/07/2015
Uskov A. V. Ivannikov A. D. Uskov V. L. (2008) Tehnologii obespechenija informacionnoj bezopasnosti korporativnyh obrazovatel'nyh setej [Technologies for information security of corporate educational networks]. Educational technologies and society. Vol. 11, no. 1, pp. 472-479.
Christian Josef Eibl. (2010). Discussion of Informtion Security in E-Learning. Siegen University, Department of Electrotechnics and Informatics, p. 160.
Defta Costinela-Luminita. (2011). Security issues in e-learning platforms. World Journal on Educational Technology. Cyprus, Academic World Education and Research Center. Vol.3, issue 3, pp. 153-167.
Hajwa Hayaati Mohd Alwi, Ip-Shing Fan. (2010). E-Learning and Information Security Management. International Journal of Digital Society. United Kingdom, Cranfield University. Vol. 1, issue 2, pp. 148-156.